HP Procurve configuration 2928 and VLAN

Hi all

We configure two VLANS on the switch, but we do not have any router to connect these two networks.

The network address range VLAN (id 972) first is 192.168.1.0 (computer admin)

And the second (id 100) VIRTUAL LAN 192.168.2.0 (VmWare management network)

Using a mask of 255.255.252.0 these two networks can communicate if they are on the same local network.

So we can use a cable between a port of each VIRTUAL LAN to connect VLAN 100 id with the id of the VLAN 972 on the same switch?

And how to configure these ports?

Thanks for your help

Nicolas

Hello

Thks for this response.
I found a solution by using switches VLAN Interfaces as a router.

Nicolas

Tags: Notebooks

Similar Questions

  • Configurations of VMotion and VLAN

    Configurations of VMotion and VLAN

    ESXi 4.0 / 4.0 vCenter

    Can someone explain how to configure the ports VMotion using VIRTUAL LANs.

    Here's the design;

    Two network adapters for teaming on a virtual standard switch 0

    A network for management and another network for VMotion traffic

    The ports management group is on VLAN 103 and its default gateway is set to the network VLAN 103

    When I add a for VMotion VMkernel port group and configure the network, and I use the gateway of 103 VLAN by default I can't vmkping the other interfaces for VMotion similar configuration.

    If I change the default gateway settings and use VMotion gateway, then bad things happen, i.e. lose connectivity to the service console.

    Thanks,-Jeff

    Both an eon of ar sthjey the same physical segment (i.e., the plughed in the same physical switch) there will be no need for a gateway for the vmotion network address.

    If you find this or any other answer useful please consider awarding points marking the answer correct or useful

  • With the help of VLANS and VLAN Tagging is not working / no connection

    Hello

    I m trying to configure a VLAN between some virtual machines on ESX host 3.

    I want to do this way:

    http://KB.VMware.com/selfservice/microsites/search.do?language=en_US & cmd = displayKC & externalId = 1004074

    I got 1 dedicated NETWORK adapter to each ESX host that is connected to a dvSwitch in which I configured a portgroup

    with VLAN ID 2121. I have configured each virtual machine to use this network.

    When I put the virtual machines on a single host, they are able to communicate.

    When they are placed on different hosts they are (if the VIRTUAL LAN is enabled on portgroup) not able to communicate.

    So I m assuming it must be a problem in the config NIC on the ESX host or switch.

    I m using a HP2910AL on which I activated mode trunk for each port that is connected to a NETWORK card with

    the dvSwitch/Portgroup I try to use for the vlan. In the hp switch, I have a default VLAN with ID 1 where

    the Ports are marked not signposted. I install a second VLAN on the switch with ID 2121 in which I scored

    This tag ports.

    Is there something else to do - perhaps side ESX host?

    I tried changing the settings as "forged transmission-> allow ' on portgroup and I found other things

    in the web, but always without success.

    Kind regards

    Patrick

    Were you referred to this guide? :

    http://CDN.ProCurve.com/training/manuals/2910-ATG-Feb09-2-VLAN.PDF

    "show vlan ports" would be my next check to make sure that you have connected to your ESXi host 3 ports in the vlan 2121.

    As Duncan has said if you have a VLAN ID on the portgroup in the vSwitch and you have the port on the pSwitch as trunk not acess and VLAN ID is allowed on the trunk port pSwitch you should be ok.  Just to clarify the trunk is 802. 1 q No 802.3ad.

    The reverse is not VLAN ID on the portgroup vSwitch, use coelio on pSwitch with VLAN ID.  Limited pSwitch port to a VLAN, this may be ok for you?

  • SFE2000 and VLAN

    Before we begin, I want to say that I saw "' responses to my question, but never exactly what I'm looking for, so I create a new post.  I'm not a network engineer, so please forgive my ignorance.

    We are a public library.  We have a network that includes a number of branches, through the central site of the main library.  We show an ASA firewall. We have a Cisco3825 for local and a series of Cisco2800 Internet connection.  We use a system of 192.168.xx.xx, using DHCP network.  We have a number of PCs that are on the network access to the public and they are locked by using various software that prevent people to do much except get Internet.

    What we want to do is to put the public pc in their own network, always using our Internet connection, but not allowing them to see or access one of our 192. addresses.

    We bought a Linksys SFE2000 and it is my understanding that if I use it as a layer 3 switch, we can do what I suggested above.  However, I get so far and I reached my level of incompetence!  We want that all the public pc to come through the SFE2000 and although about allowing the public to use a wireless connection (but that is located).

    Can anyone offer suggestions or point me to a site that will help me?  Thanks in advance and again, sorry for my ignorance.  I look forward to hearing from anyone.

    Well, the router must have at least one interface. If the interface is used otherwise you can simply run it through the router as well.

    If you want to use the features of the ESF L3 basically configure you the VLAN as I've mentioned before. You enable L3 on the ESF, then you configure filtering on the ESF for the VLAN 'public '. Drop everything that goes in your charge of private VLAN.

    The problem is the connection to the router. We must define a new IP subnet for routing between the CPE and the Cisco. So, basically you will need a 3rd VLAN to connect with the Cisco. You can use a very small for this IP subnet if you wish. For example, add VLAN3 with IP address 192.168.99.101/255.255.255.252. The port on the Cisco configure IP address 192.168.99.102/255.255.255.252. On the ESF, set the default gateway 192.168.99.102. Who should route all internet traffic to the Cisco.

  • Subinterfaces and VLAN

    Hi all

    I was hired on with a State... Now its been awhile, but I do not remember how subinterfaces and VLAN all link together!

    Now correct me where I'm wrong (please), but them VLAN is created on the correct first switches?  When you create a VLAN on a switch you don't need ip or gateway address by default because them VLANS are the switch.  If you want intervlan routing you need a router.  Then, you configure a port trunking between the switch and router (ISL, 802. 1 q).  Now in the router, you can create a VLAN, and here you inter the ip subnet or the default gateway addresses correct?  This is where I get confused as to what reasons do you need subinterfaces?  How they roped VLAN and what would be the logical flow of data?

    Anyhelp would be appreciated!

    Yes you are right. If you are using the layer 2 switch and want to make the intervlan Routing then you need Layer 3 router device. But you must configure the interfaces sub with the default gateway to route traffic. Because there is a single trunk between swich and router so we need sup interfaces for multiple VLANs.

    Interface FastEthernet0/0.1

    Encapsulation dot1q 10 (10 represent 10 ID VLAN)

    10.1.1.1 IP address 255.255.255.0

    If you use a layer 3 switch, then you point all sub interfaces need so then you can create the interface vlan with the default gateway. You must enable ip Routing.

    Interface vlan 10

    10.1.1.1 IP address 255.255.255.0

    Hope this will help.

    Please rate if this can help.

    Thank you

  • VPN and VLAN

    We have a site divided into 2 IEE802.1Q VLAN, using no switches Cisco. They have a PIX515 for Internet access. It is also configured to provide inbound VPN access for management and general purpose of access.

    In principle it is possible to set up a new VPN connection which is reflected by its interior traffic be tagged with a specific VLAN ID while all other traffic (including other VPN connections) remain without a label?

    If the PIX ends your VPN from the outside that the answer is no. If the VPN is coming from outside, and ending at the PIX she never travels a VLAN. VLAN tagging is used to identify what VLAN came from a source image and what VLAN it is intended for a current switch vlan can 'route' frame through the appropriate VIRTUAL LAN. Why you want to tag from outside VPN traffic? If it's to control access, you can specify 2 VLANS and VLAN 3 on the PIX (as long as it has code 6.3) and control what VLAN, you want that each group VPN access to through the use of the ACL. Each VLAN on a PIX is treated as a physical interface. It has its own security prefs (0-100) and can have ACL applied to them as well as the physical interfaces.

  • Cisco SG500 and VLAN

    OK so here is what I try to accomplish with 3 switch Cisco SG500-52. I created 4 VLANS on a SG500 I call my central office switch and it is set in routing mode. My VLAN is thus 400 (Infrastructure ESXI hosts, firewall, etc.), 401 (VoIP), 402 (users) and 403 (wireless). I have configured interfaces and the delivery without problem for me through my subnets and the communities of remote access through 3 offices.

    Where I'm not sure is on the SG500 I set as a L2 switch and my ESXi host are connected (I have 10 ports on one VLAN remote iSCSI traffic) is that I have to create VLAN 400 and mark those ports not marked? So should I use 1-2 ports and set them as ports and tag to my main switch 400?

    In the affirmative on the main switch I create junction ports and mark for the VLAN on the switch that could access the L2 switch? Is this also the case for the other SG500 I have who are all devices for 402 VLAN?

    I'm overloading it?

    Thanks in advance for any help.

    Hi Sdonnelly2,

    For vlan 402 and 400 on the uplink to your sg500 (L2) would be 400U and 402 T.

    Other interfaces for VoIP phones on vlan 401 would be configured to 401 T. This is if your phones expect traffic labeled, otherwise they would be configured to 401U.

    For Vlan 402 other interfaces would still be 402U. PC only contacted untagged traffic

    For 403 Vlan wireless uplink access point must be configured (400U, 401, 402, 403T)

    It is perhaps more information than expected, but I hope that I have answered other questions you had.

  • Create 2 VLAN (VLAN 1 and VLAN 2)

    Hi all

    I need help and advice with my new Cisco SF300-48. I want to create 2 vlan (vlan 1 and vlan 2). The switch is set at layer 2.

    example:

    VLAN 1 (port 1, 2, 3), vlan 2 (port 4, 5, 6)

    VLAN 1 can communicate with each other (port 1, 2, 3) and vlan 2 can communicate with each other (port 4, 5, 6)

    But vlan 1 cannot communicate with vlan 2.

    Any help would be appreciated

    Thank you

    Johan

    Well, as far as I understand the message communication between the VLAN is not necessary. The thing is, that all ports LAN VIRTUAL (for example VLAN 1 with ports 1, 2, and 3) cannot communicate with each other. Did you check the configuration of the port / VLAN (VLAN configured to each port configuration right / right about the tag-no identified)?

  • POS and vlan

    Initial conditions:

    NET 172.30.157.0/24 with vlan 3032.

    I try to deploy Vmware DataProtection 6.1.1.

    Deploy device with vCenter and configuration of the network settings.

    1.png

    After the restart the system in the virtual machine does not work because VLAN is not set up

    2.png

    Configure the vlan according to manual http://www.UNIX.com/man-page/SUSE/5/ifcfg-VLAN/

    Parameters of comment in/etc/sysconfig/network/ifcfg-eth0:

    #IPADDR = '172.30.157.110'

    #NETMASK = "255.255.255.0" "

    Create new config for vlan /etc/sysconfig/network/ifcfg-eth0.3032

    STARTMODE = 'auto '.

    ETHERDEVICE = "eth0".

    ID_VLAN = '3032'

    IPADDR = '172.30.157.110'

    NETMASK = "255.255.255.0" "

    BROADCAST = '172.30.157.255'

    Restart the virtual machine and test that network will work:

    root @(None): ~ / #: ping 172.30.157.110

    PING 172.30.157.110 (172.30.157.110) 56 (84) bytes of data.

    64 bytes from 172.30.157.110: icmp_seq = 1 ttl = 64 time = 0,061 ms

    64 bytes from 172.30.157.110: icmp_seq = 2 ttl = 64 time = 0,037 ms

    64 bytes from 172.30.157.110: icmp_seq = 3 ttl = 64 time = 0.024 ms

    Network is working. But the console shows that the network does not work.

    3.png

    Check the roads:

    root @(None): ~ / #: route ip

    by default via 172.30.157.254 dev eth0.3032

    127.0.0.0/8 dev lo scope link

    169.254.0.0/16 dev eth0.3032 scope link

    172.30.157.0/24 dev eth0.3032 proto kernel scope link src 172.30.157.110

    root @(None): ~ / #: route

    Kernel IP routing table

    Destination Gateway Genmask Flags metric Ref use Iface

    by default 172.30.157.254 0.0.0.0 UG 0 0 0 eth0.3032

    Loopback * 255.0.0.0 U 0 0 0 lo

    link-local * 255.255.0.0 U 0 0 0 eth0.3032

    172.30.157.0 * 255.255.255.0 U 0 0 0 eth0.3032

    Enter at the https://172.30.157.110:8543 / vdp - configure / and see the perfect situation:

    There are fields with netowork empty setting and there is not the label of fields

    4.png

    Fill in all the fields? but they are red and nobody presses the button "next".

    5.png

    Change the network setting in the/etc/sysconfig/network/ifcfg-eth0 and restart:

    IPADDR = '172.30.157.110'

    NETMASK = "255.255.255.0" "

    BROADCAST = '172.30.157.255'

    After the reboot the network does not, although VM ping of the network 'outside '.

    6.png

    Look at the roads. There are two identical courses for different interfaces:

    7.png

    Remove the road to eth0

    IP route del 172.30.157.0/24

    8.png

    Enter at the https://172.30.157.110:8543 / vdp - configure /

    Now, the page is correct and the 'next' button is prerssed.

    9.png

    After installation complete wizzard, I have a few problems:

    -root password does not change

    -integration with vcenter was not held

    -network windows do not work, because hadou presents two routes identical defferent from the network interfaces

    How can I configure POS with VLAN?

    PS: Sorry for my English.

    Hello

    Why try you tag VLAN in the unit?

    Why you do not configure the VLAN to the portgroup to map network application uses?

    Tim

  • VMWare Player and VLAN

    Hi all out there.

    I have a problem regarding virtual local networks and virtualization. The configuration is as follows. Our developers are about to get virtual machines with Linux (centos) guests on their desktop computers. Host machines are Windows 7 boxes with sufficient CPU, RAM and disk space. Each box has only one NIC installed and connected to the internal LAN. On this single cable Lan, there should be 2 VLANS:

    1. vLan id 100 for windows hosts (configured as default vLan on the switch ports)
    2. vLan id 199 for the machine virtual (different configuration for routing/firewall/proxy)

    The network for the virtual machine must be set to bridged, because making web development, developers must be able to access Web servers installed on the virtual machines via a browser.

    The original plan was to use VMware Player, install Linux, configure the vLan in the comments, and it works. But no package has left the virtual machine when you ping the default gateway of the vLan 199. To me, it seems that something is declining for all packages on vLan the vLan 199.

    The questions are:

    • VLANs are supported by VMware Player or workstation after all?
    • They are supported in a configuration like that?
    • How do we? Must be setup in Windows as well?

    Help would be very nice

    Greetings

    Joachim

    The default virtual network Editor is not installed with VMware Player and you will need to transform automatic bridging and define VMnet0 to use vLAN199 and then bridge network adapter to the Virtual Machine should work.

    For the workaround you can run VMware-player-* .exe - e c:\vmptmp from a command line and then search for the c:\vmptmp\network.cab file and extract (double-click on the .cab file) vmnetcfg.exe (virtual network editor) file in the working directory of VMware Player usually 'C:\Program Files\VMware/VMware Player', you can create a shortcut and place it with the shortcut of VMware Player If you want easier access.  NOTE: It takes several minutes for the VMware-player-* .exe to extract all then be patient.

    Post edited by: WoodyZ - view Original, January 19, 2012 07:41 - removed, first paragraph, that in fact it has been copied from another answer I did earlier and by chance this response.

  • Existing vSwitch using and VLAN

    Hello

    I was wondering if it was possible to configure Lab Manager to use an existing vSwitch and VLANS configured in vCenter rather than create its own switch and VLAN?

    Thank you.

    Unfortunately not.  You will need to let LM create and manage their own groups of ports or switches.

    Note that:

    -When you bind a physical network to a vSwitch/vDS, LM creates a port group to represent the network (it also has an 'LM' tag in vCenter)

    -If you deploy a configuration "reserved", he made a vSwitch or vDS port group to represent the fence... and limit network traffic.  Again, when you look in vCenter, there should be an 'LM' tag to the object.

    Kind regards

    Jon Hemming, b.SC., RHCT, VMware vExpert 2009
    http://Twitter.com/vJonHemming

    If your question or problem has been resolved, please click the "right answer".  If someone helped him, please click "useful answer.

  • Difference between groups of ports and VLANS

    Hi guys

    I read ESX Admin guide 2 times till now, but I still don't know what exactly is the difference between groups of ports and VLANS? I understand, but if someone asks me this question I will not be able to respond with confidence.

    Network also label: my understanding is that it's just label No technical significance in configuration?

    Thanks in advance

    One VLAN is one of the many settings that you can configure for a group of ports, you also have the tabs security, Traffic Shaping and consolidation of NETWORK cards.

    Port group name, you associate you a VM port group must be placed systematically on other hosts if you want to migrate or virtual failover from one host to another.

    Scott.

    -

  • Question about VMKernel iSCSI traffic and VLANS

    Hello

    This is a very fundamental question that I'm sure I know the answer too, but I want to ask him anyway just to reassure myself.  As a precursor to my question, the configuration of my ESX infrastructure is best described here: http://www.delltechcenter.com/page/VMware+ESX+4.0+and+PowerVault+MD3000i.  Or more precisely, we have two controllers MD3000i.  Each controller has two ports and each port is configured on two different subnets, with every subnet connected to the different switch.  ESX host are connected to two switches.  The only difference for the guide, is we have two MD3000i configured the same, connection to the same switches.  Each MD ports is configured on the same subnet, but different IP addresses.

    At present, we are in the process of upgrading our two iSCSI switches of humble Dlink DGS - 1224T to Cisco 2960 T of.  The switches have been and continue to be dedicated to iSCSI traffic, however, I'm trying to set up VLAN s on the side of the switch.  Originally, we used the default VLANS on switches, however, after you have added an another MD3000i, noted the Support Dell best practices is to separate each on its own subnet and VLAN MD3000i iSCSI traffic. This would result in iSCSI 4 VLANS, two on each switch and two for each MD3000i.  Firstly, is this in fact of good practices?

    Second, if I migrate preceding 4 iSCSI VLANS, as each switch port will actually be an access port, will there need to complete the VLAN ID field in the VMKernel configuration page? Presumably, this field is used when the tagging VLAN is used, but as our switches do not need any other rocking trunk (as they are dedicated to iSCSI traffic), there should be no need to fill?  I guess it would be prudent to keep the two existing subnets, create two new subnets and make changes to an MD3000i and connection of the ESX host.  Provided the switch and switch ports has been appropriate configured with VLAN on the right, the rest should be transparent and he wouldn't be Intel VLAN in all ESX hosts?

    Would be nice to get answers and thank you in advance!

    Gene

    (1) Yes, it is best practice for ESX iscsi, having an independent network and vlan for iscsi traffic.

    (2) No, there is no need to mention anything in the area of vlan, if you use an access port. Its a mandatory thing than a choice. If you supply the id vland with access port, it loses connectivity.

    Please explain a bit why you need to create two different virtual local networks for each MD3000i. You are going to use several on the same ESX box iscsi storage? Alternatively, you use only a single iscsi and use these 4 ports for the same single VMkernel interface?

    NUTZ

    VCP 3.5

    (Preparation for VCP 4)

  • I replaced my original Apple Watch with a watch of S2. When I install and associate the new shows, is there a way I can restore all applications, configuration information and data of the original of the new shows so I don't have to start from scratch?

    I replaced my original Apple Watch with a watch of S2. When I install and associate the new watch and my iPhone 7 more, is there any way I can restore all applications, configuration info and data between the original and the new shows, so I don't have to start from scratch?

    Try this procedure

    Cancel the twinning of your iPhone - Apple and Apple Watch Support

    Spend your Apple Watch a new iPhone - Apple Support

  • All my configuration page and fonts have changed suddenly, how to restore the previous settings. THX

    All my configuration page and fonts have changed suddenly, how to restore the previous settings. THX

    Hi André Haub,

    Follow the steps in this document to perform a system restore. This process restores your system to a previous point files.

Maybe you are looking for